A security analyst working in the SOC recently discovered Balances m which hosts visited a specific set of domains and IPs and became infected with malware. Which of the following is the MOST appropriate action to take in the situation?

• A.Implement an IPS signature for the malware and a change request to the firewall setting to not allow traffic to and from the IPs and domains
• B.Implement a change request to the firewall setting to not allow traffic to and from the IPs and domains
• C.Implement an IPS signature for the malware and another signature request to Nock all the associated domains and IPs
• D.implement an IPS signature for the malware and update the blacklisting for the associated domains and IPs

Comment: *

Name: *

Email: *

Verification: *

After scanning the main company's website with the OWASP ZAP tool, a cybersecurity analyst is reviewing the following warning:

The analyst reviews a snippet of the offending code:

Which of the following is the BEST course of action based on the above warning and code snippet?

• A.The organization should update the browser GPO to resolve the issue.
• B.The developer should review the code and implement a code fix.
• C.The system administrator should disable SSL and implement TLS.
• D.The analyst should implement a scanner exception for the false positive.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST important when developing a threat hunting program?

• A.Understanding penetration testing techniques
• B.Understanding how to build correlation rules within a SIEM
• C.Understanding security software technologies
• D.Understanding assets and categories of assets

Comment: *

Name: *

Email: *

Verification: *

It is important to parameterize queries to prevent:

• A.the queries from using an outdated library with security vulnerabilities.
• B.the esrtablishment of a web shell that would allow unauthorized access.
• C.a memory overflow that executes code with elevated privileges.
• D.the execution of unauthorized actions against a database.

Comment: *

Name: *

Email: *

Verification: *

While monitoring the information security notification mailbox, a security analyst notices several emails were repotted as spam. Which of the following should the analyst do FIRST?

• A.Block the sender In the email gateway.
• B.Delete the email from the company's email servers.
• C.Ask the sender to stop sending messages.
• D.Review the message in a secure environment.

Comment: *

Name: *

Email: *

Verification: *